jaas

问题 The following code is for authenticating to a windows AD server using Java+Kerberos and it works fine- public class KerberosAuthenticator { public static void main(String[] args) { String jaasConfigFilePath = "/myDir/jaas.conf"; System.setProperty("java.security.auth.login.config", jaasConfigFilePath); String krb5ConfigFilePath = "/etc/krb5/krb5.conf"; System.setProperty("java.security.krb5.conf", krb5ConfigFilePath); boolean success = auth.KerberosAuthenticator.authenticate("testprincipal",

问题 I have met some issues while trying to consume messages from Kafka with a Spark Streaming application in a Kerberized Hadoop cluster. I tried both of the two approaches listed here : receiver-based approach : KafkaUtils.createStream direct approach (no receivers) : KafkaUtils.createDirectStream The receiver-based approach ( KafkaUtils.createStream ) throws 2 types of exceptions (different exceptions whether I am in local mode ( --master local[*] ) or in YARN mode ( --master yarn --deploy-mode

问题 I need to write a java program to connect to a HTTPS server (DoD website). The website requires CAC (DoD common access card) authentication. If you access this site via browser, you insert your CAC first, and then enter a PIN. I need to accomplish the authentication process programmatically in java (kind of acting like browser). How do I retrieve the information from the CAC? I have been Googling around and read the Java PKCS#11 Reference Guide. Seems like Sun PKCS#11 Provider can do it, but

问题 I have this security configuration in Glassfish domain.xml which works for 4.0 but fail in 4.1.1 can someone help to identify what is wrong. The only difference is the class package "ee" GF 4.0 (with extra ee ) <auth-realm classname="com.sun.enterprise.security.ee.auth.realm.jdbc.JDBCRealm" name="authentication-realm"> <property name="jaas-context" value="jdbcRealm"></property> <property name="password-column" value="password"></property> <property name="datasource-jndi" value="jdbc/SomeDS"><

问题 I am trying to secure my application which is built using JSF2.0. I am confused about when do people choose to go with security alternatives like Shiro, Spring Security or owasp's esapi leaving behind container managed security. Having seen some of related questions on Stack Overflow, where I realized that container based security was more preferred by JSF developers in past. But I have also been strongly recommended to use Apache Shiro. I am novice in terms of the security issues and have no

问题 My understanding is that both JAAS and SQL Server can be configured to use kerberos in a domain environment, with an active directory server. My understanding that JAAS gets the user credentials from the user or from a file at the time of the connection - asks the directory server for a ticket, and presents that to the server. Where does the SQL Server Driver get its kerberos ticket from? (as it seems to be able to obtain creditentials from the users existing login). Does it get the user

问题 I'm still playin with Wildfly-9.0.1.Final and JAAS (see my previous question Wildfly and JAAS login module) in a web application that use a BASIC auth-method . While my custom login module works I got some problems about authorization. I use a RESTeasy RESTFul web service with annotation to test, here is the code: package it.bytebear.web.mongo; import it.bytebear.web.mongo.jaas.MongoModuleCallbackHandler; import it.bytebear.web.mongo.model.User; import java.security.Principal; import java

问题 Hi i have secured my server using JAAS and i have performed the web authentification , now i have to authenticate from mobile application using android app , how can we use the Rest web services after authentication , is JAAS support access from mobile app ? i have a ws that allow me to verify if the login and password are corect ; haw can i access this ws ? on the web app there is the container authentification so after doing this , i am allowed to use all my ws is there any thing like this

问题 I have a Java application running on Windows that needs to authenticate to a webapp using Kerberos/SPNEGO. I'm aware of how to configure JAAS to achieve this, but I find the Java (JDK6 and JDK7beta) Kerberos implementation to be lacking a couple important features I need. For example, support for referrals or using the DNS to figure out the realm of a host (I have a multi-realm environment). Is there a third-party module that can implement authentication using the Windows native SSPI? We've

问题 Please help me on a kerberos+Java problem. I have a simple Java program to authenticate to a Windows Active Directory using Kerberos. The following java code works fine without any problems and prints true- public class KerberosAuthenticator { public static void main(String[] args) { String jaasConfigFilePath = "/myDir/jaas.conf"; System.setProperty("java.security.auth.login.config", jaasConfigFilePath); System.setProperty("java.security.krb5.realm", "ENG.TEST.COM"); System.setProperty("java